From 7964823e3f398c41a7ad1c0e8c4c28c0806a9c0d Mon Sep 17 00:00:00 2001 From: HarmJ0y Date: Wed, 14 Dec 2016 11:53:29 -0500 Subject: Added documentation for PowerUp --- docs/Privesc/Enable-Privilege.md | 105 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100755 docs/Privesc/Enable-Privilege.md (limited to 'docs/Privesc/Enable-Privilege.md') diff --git a/docs/Privesc/Enable-Privilege.md b/docs/Privesc/Enable-Privilege.md new file mode 100755 index 0000000..6de9c43 --- /dev/null +++ b/docs/Privesc/Enable-Privilege.md @@ -0,0 +1,105 @@ +# Enable-Privilege + +## SYNOPSIS +Enables a specific privilege for the current process. + +Author: Will Schroeder (@harmj0y) +License: BSD 3-Clause +Required Dependencies: PSReflect + +## SYNTAX + +``` +Enable-Privilege [-Privilege] +``` + +## DESCRIPTION +Uses RtlAdjustPrivilege to enable a specific privilege for the current process. +Privileges can be passed by string, or the output from Get-ProcessTokenPrivilege +can be passed on the pipeline. + +## EXAMPLES + +### -------------------------- EXAMPLE 1 -------------------------- +``` +Get-ProcessTokenPrivilege +``` + +Privilege Attributes ProcessId + --------- ---------- --------- + SeShutdownPrivilege DISABLED 3620 + SeChangeNotifyPrivilege ...AULT, SE_PRIVILEGE_ENABLED 3620 + SeUndockPrivilege DISABLED 3620 +SeIncreaseWorkingSetPrivilege DISABLED 3620 + SeTimeZonePrivilege DISABLED 3620 + +Enable-Privilege SeShutdownPrivilege + +Get-ProcessTokenPrivilege + + Privilege Attributes ProcessId + --------- ---------- --------- + SeShutdownPrivilege SE_PRIVILEGE_ENABLED 3620 + SeChangeNotifyPrivilege ...AULT, SE_PRIVILEGE_ENABLED 3620 + SeUndockPrivilege DISABLED 3620 +SeIncreaseWorkingSetPrivilege DISABLED 3620 + SeTimeZonePrivilege DISABLED 3620 + +### -------------------------- EXAMPLE 2 -------------------------- +``` +Get-ProcessTokenPrivilege +``` + +Privilege Attributes ProcessId +--------- ---------- --------- +SeShutdownPrivilege DISABLED 2828 +SeChangeNotifyPrivilege ...AULT, SE_PRIVILEGE_ENABLED 2828 +SeUndockPrivilege DISABLED 2828 +SeIncreaseWorkingSetPrivilege DISABLED 2828 +SeTimeZonePrivilege DISABLED 2828 + + +Get-ProcessTokenPrivilege | Enable-Privilege -Verbose +VERBOSE: Attempting to enable SeShutdownPrivilege +VERBOSE: Attempting to enable SeChangeNotifyPrivilege +VERBOSE: Attempting to enable SeUndockPrivilege +VERBOSE: Attempting to enable SeIncreaseWorkingSetPrivilege +VERBOSE: Attempting to enable SeTimeZonePrivilege + +Get-ProcessTokenPrivilege + +Privilege Attributes ProcessId +--------- ---------- --------- +SeShutdownPrivilege SE_PRIVILEGE_ENABLED 2828 +SeChangeNotifyPrivilege ...AULT, SE_PRIVILEGE_ENABLED 2828 +SeUndockPrivilege SE_PRIVILEGE_ENABLED 2828 +SeIncreaseWorkingSetPrivilege SE_PRIVILEGE_ENABLED 2828 +SeTimeZonePrivilege SE_PRIVILEGE_ENABLED 2828 + +## PARAMETERS + +### -Privilege +{{Fill Privilege Description}} + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: Privileges + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName, ByValue) +Accept wildcard characters: False +``` + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[http://forum.sysinternals.com/tip-easy-way-to-enable-privileges_topic15745.html](http://forum.sysinternals.com/tip-easy-way-to-enable-privileges_topic15745.html) + -- cgit v1.2.3